CVE-2013-2221
Published Oct 4, 2013
Last updated 7 years ago
Overview
- Description
- Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large packet.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:wernerd:zrtpcpp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91D694E9-06A4-403E-908A-A953237E1EA5", "versionEndIncluding": "3.2.1" }, { "criteria": "cpe:2.3:a:wernerd:zrtpcpp:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3F4A3FA-4EC9-4CC5-ABCA-4858D2228242" }, { "criteria": "cpe:2.3:a:wernerd:zrtpcpp:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB27C7A4-7124-4B7B-85E4-A5E196B697E0" }, { "criteria": "cpe:2.3:a:wernerd:zrtpcpp:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5932ACB9-2B8B-4C50-B175-734F4843F455" }, { "criteria": "cpe:2.3:a:wernerd:zrtpcpp:3.0.0:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68C2369A-8E40-45E2-84BC-B4DC6D01DB36" }, { "criteria": "cpe:2.3:a:wernerd:zrtpcpp:3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "224FED2C-D300-409F-B424-9BB65735B986" }, { "criteria": "cpe:2.3:a:wernerd:zrtpcpp:3.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9BFF3A4-44CF-48DC-BA1B-D11B3F49FC00" } ], "operator": "OR" } ] } ]